Zuckerberg pictures exposed by Facebook privacy roll-back • The Register
Serves him right.  And everyone should take care to keep their Facebook data restricted to those they actually want to see it. 

Powered by ScribeFire.

The Register reports today (UK gets final warning over Phorm trials) that the UK Government has moved closer to Infringement proceedings over the Phorm phiasco.

The UK government today came a step closer to international embarrassment over its failure to act against BT and Phorm for their secret trials of mass internet snooping technology.

The European Commission said it had moved to the second stage of infringement proceedings after the trials, revealed by The Register, exposed failings in the UK's implementation of privacy laws.

The Guardian reports (Office of Fair Trading to investigate targeted ads and pricing online) that the Office of Fair Trading is to investigate aspects of behavioural advert targeting. 

"We are also considering including the use of personal information in advertising and pricing," said the OFT. "In particular, we may look at behavioural advertising where information on a consumer's online activity is used to target the internet advertising they see.

So, we're in the midst of a major recession, the Government has spent huge amounts bailing out the fat cats of international banking, and Joe Public is tightening his or her belt.  The Higher Education Sector, in which I work, is certainly feeling the chill wind of cut-backs, and in my Institution's case this comes on top of the Goverment's ELQ policy.

So, one might have thought that costly and pointless exercises such as the dreadful ID card plan, and the even more despicable Interception Modernisation Programme might have been curtailed or dropped.  Not a bit of it.  Computer Weekly reports (Home Office trebles consultancy spend):

One of the more bizarre features of the Phorm business model has always been the question of why businesses would allow their webpages to be scanned by Phorm's deep packet inspection system.  My understanding of Phorm's system is that individual web users' browsing habits are monitored by kit installed within the ISP's infrstructure, and that key words are extracted from visited web pages and used to target advertisements to the user.

What's always surprised me is that companies weren't flocking to request their exclusion from this system: after all if web users are looking through my product line, why would I want them to be offered adverts from my competitors?

It's been a while since I mentioned Phorm on this blog.  Mostly that's because it's become less of a threat to the UK ISPs (but other murky operators lurk in the wings, judging from the nodpi.org forum), since BT confirmed they had no plans to implement Phorm.  BT's announcement was closely followed by Carphone Warehouse and a rather lukewarm statement from Virgin Media.

The market responded to the rug being pulled from under Phorm by a mammoth drop in share price, a decline which has continued since.  Interactive Investor now has the price at 130 pence, possibly its lowest event point.

The Guardian reports (BT drops Phorm targeted ad service after customers cry foul over privacy) that BT have decided not to implement the vile DPI system for targeting adverts that has been devised by the former spyware company Phorm.  

The company, which has received complaints from customers about Phorm, said the decision was down to its need to conserve resources as it looks to invest £1.5bn in putting a next-generation super-fast broadband network within reach of 10 million homes by 2012. Privately, however, BT bosses have been increasingly concerned about consumer resistance to advertising based on monitoring users' online behaviour and specifically about the backlash against Phorm.

According to The Times (Phorm stranded as BT and Carphone pull plug on online 'spying' technology), Carphone Warehouse, who's TalkTalk subsidiary were one of the ISPs lining up to use Phorm's invasive DPI technology, have now decided to fall into line an announce they would likewise not implement it.  BT's role as the market leader is evident:

After BT's move, Charles Dunstone, head of Carphone Warehouse, said: "We were only going to do it if BT did it and if the whole industry was doing it. We were not interested enough to do it on our own."

In a brief article in The Guardian (Consumers will see benefits - The case for Phorm), Guy Phillipson and Nick Stringer the chief executive and head of regulatory affairs respectively at the Internet Advertising Bureau attempt to make the case for Phorm.  Of course, they are (in my opinion) slightly economical with the truth in that the objections of the "Privacy Pirates"* over at nodpi.org lies not with targeted advertising, but with the probably illegal interception of internet traffic via deep packet inspection.  The objections focus largely on privacy issues, on copyright issues (making copies of web pages without authorisation), and on legality (e.g. interception of communication).

It would seem that the EU share the objectors' concerns having repeatedly requested the UK Government to respond to their concerns about internet privacy.  Unfortunately HMG won't release their response to Commisioner Reding.  Messrs Phillipson and Stringer believe that Phorm have signed up to the AIB's principles of good practice.  But how sure can the consumer be where Phorm is concerned, given its past identity as 121media?

So, over the last few weeks (and while I've been away and not blogging), the vile company Phorm - formerly spyware merchants 121media - have been in the news. In rough chronological order:

• They raised £15 million in some share deal or other
• They began talking of (and, I think began) trials of their vile DPI system in South Korea
• They pre-empted their financial results with the announcement of a desktop implementation of their behavioral advert targeting (strangely undescriptive)
• Financial results were released, revealing no income over the year, but expenditure of $50 million

The question in my mind is, how long can a company with a poor reputation (due to their previous activities), with an intrusive and possibly illegal technology, which has no ISP partners signed up (even after three trials - one open, the other two secret) keep going?

The UK Government's obsession with knowing what we've done, what we're doing, and what we're planning on doing is not only intrusive but borders on the dangerous.  The Daily Telegraph reports (ID cards: taxman allowed access to personal data) that tax official will have access to data held by the ID card system.

HM Revenue and Customs staff will be able to examine people's financial transactions on the scheme's database and search for evidence of undeclared earnings or bank accounts.

One campaigning point regarding the vile Phorm deep packet inspection system has been to suggest to major websites that they consider whether they should request that Phorm do not spy on their visitors. In recent months, some big players in the internet have done just that - Amazon and Wikipedia are two stand-out examples.

Since the BBC run one of the most visited sites in the internet, a number of people have written to enquire whether the BBC might do the same (and of course at a slightly more trivial level, the BT-Phorm system is branded BT-WebWise - very similar naming to the BBC's entirely different Webwise).

The BBC reports (DNA data plan comes under fire) that the Government's wholly inadequate response to the European Court of Human Rights ruling that retention of DNA profiles of individuals who have not been convicted of an offence is attracting considerable criticism.

In response to a number of commentators' objections to the Government's plans to continue to retain these data for up to 12 years,

The forums at nodpi.org are an extremely useful source of information on Phorm and allied aspects of internet privacy issues.  In particular, I've recently found that their coverage of the appearance of the Phorm website which aims to smear their opposition has been fun, particularly the whole "privacy pirate" schtick.  More seriously, some of the accsations on that site have proven to be untrue.  Clearly the nodpi website continues to be a thorn in the side of Phorm - I strongly recommend that broadband customers of British Telecom have a look at the discussions there.

Supporters of Phorm sometimes post on a number of discussion forums around the web, including nodpi, leave comments on articles critical of Phorm (it must be an uphill battle, as most of the articles I see on the topic seem to be critical of Phorm), etc, as it their right.  Last night it seems that a concerted assault on the nodpi forums took place, with Phorm supporters posting articles containing pornographic material and personal attacks on members. As usual, these passed me by (as I was in the land of nod), but I think it took a lot of time for the admins to clear it all up.

Wikimedia, who manage Wikipedia among other sites have announced via their blog that they have officially opted out of Phorm's deep packet inspection system.  In their blog article, they indicate that one of their concerns is that by opting out, they might somehow legitimise Phorm's system.  After due consideration, they decided the appropriate action would be to opt out of the system, and they show an extensive list of URLs that have been removed.

More good news on a week of exceptionally good news on the Phorm phront.

Chris Williams of The Register certainly has been working hard, and this in a week that's absolutely stuffed with stories relating to Phorm's violation of internet privacy!  Today, he reports (Tory 'terror' affair shows danger of ubiquitous surveillance) on the circumstances surrounding the arrest a few months ago of Tory immigration spokesman Damian Green:

The "national security" justification offered by Jacqui Smith for the warrantless counter-terror police raid on a fellow member of Parliament's offices was trumped up by officials embarrassed by a series of leaks, we've now learned. The information about immigration failures fed to the Tories was politically damaging to the Labour government, but arguably in the public interest, and certainly no threat to national security.

After all the accusations of conflicts of interests (see for example 80/20 Thinking drops advisory work, after accusations of conflict of interest), Privacy International have apparently made a public statement concerning the implications of deep packet inspection on privacy.  Oddly, you can read the statement at the nodpi website (Privacy International's Official Reponse on Deep Packet Inspection), but I can't see a mention yet at Privacy International's website.  Perhaps the announcement at nodpi.org is connected with the announcement in the statement that the driving force behind nodpi, Alex Hanff, has joined the PI team on this matter:

To this end, we are pleased to announce a new addition to our team. Alexander Hanff, a social scientist and technologist who has led a long campaign against the use of Deep Packet Inspection for behavioural advertising models in the UK, will be taking the lead for Privacy International on these issues. 

We were promised consultation on the Interception Modernisation Programme (IMP) by early in 2009, but as far as I can see this hasn't happened yet.  Of course, in that time, we've seen considerable discussion of communication interception technologies (such as those devised and proposed by Phorm for commercial purposes) and the data retention directive emanating from the EC.

Now, The Register reports that developments in eavesdropping capacity are moving ahead (Spy chiefs size up net snoop gear):

Henry Porter's written in The Guardian on the growing desire of the present UK Government for data control...and the spiralling costs (Paying billions for our database state).  There are two frightening aspects.

Firstly, the evident desire of our Government to find out what we are all up to - innocent or under suspicion, we are all targets for the prying eyes of the State.

All go overnight on the anti-Deep Packet Inspection front.  Phorm are presumably a bit rattled by the developments of the last week (e.g. the EU action, the FOI requests that revealed that Government departments did not give Phorm their blessing, among others) - they have set up a bizarre website (stopphoulplay.com) to defend themselves against the likes of Alex Hanff and the nodpi.org crew.  This precipitated an article in the Daily Telegraph (Phorm chief labels critics 'serial agitators').

I suspect this will prove to be a collossal own-goal on Phorm's part.  There's a lengthy thread developing over at the nodpi.org forums, and you can read Alex Hanff's response (Privacy Pirates and Angry Activists).